In our office (and I am sure many others) we access various websites and tend to share one account with our team. For example, we share credentials to Ebay and change them every few weeks to maintain some sense of security. However, we know this does not allow for any type of accountability for major changes.

After some discussion we want to try to manage how we distribute credentials for sites that may not offer child accounts. Is there any smart and safe way to do this? If so, how do you do it?

5 Answers

Create a simple (but secure!) system that holds all the passwords for different services. Give everyone individual access to that system. The system provides the password for the service the user requests to access. Whenever a user requests a password to a site, for example eBay, that request is logged. The user is given the current eBay password and a randomly generated new password. The user then must immediately change the eBay password to the new one, whether or not she decides to use the service.

This way user A is accountable for anything done in the period starting from her getting the password and ending in a new password request. When user B requests a password, she gets the same password user A knows, but B then becomes accountable and thus must immediately change the password in order to deny user A access.

The full history of passwords should be stored for admins to gain access to the service in case some user does not change the password.

This is in no way bulletproof, of course. There is a brief period of time before the password change where user A could access the service while B is actually accountable. Also, if B requests a password, does something foul and afterwards changes the password to something else entirely, she could plausibly claim A changed the password and the one B got never worked in the first place. But I don't think this sort of activity was a concern in your case.
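The check-out scheme described in this answer, as an added example that is not from the original post: a small ledger that logs each request, hands out the current password together with a freshly generated replacement, records who is currently accountable, and keeps the full history so an admin can still get in when a user failed to rotate. Class and method names are my own.

```python
import secrets
import string
from dataclasses import dataclass


@dataclass
class Checkout:
    seq: int          # order of the request, used as the accountability marker
    user: str         # who asked for the password
    issued: str       # the password handed over (the one currently set)
    replacement: str  # the fresh password the user must set at once


class CredentialLedger:
    """Hypothetical check-out ledger for a shared account (constructed example)."""

    def __init__(self, password_length: int = 20):
        self.password_length = password_length
        self.current = {}   # service -> password of record
        self.history = {}   # service -> list of Checkout, oldest first

    def register(self, service: str, initial_password: str) -> None:
        self.current[service] = initial_password
        self.history[service] = []

    def _generate(self) -> str:
        alphabet = string.ascii_letters + string.digits
        return "".join(secrets.choice(alphabet) for _ in range(self.password_length))

    def checkout(self, user: str, service: str) -> tuple:
        """Log the request and return (current password, fresh replacement).
        The replacement becomes the password of record, on the assumption
        that the user changes it immediately, as the answer requires."""
        issued = self.current[service]
        replacement = self._generate()
        log = self.history[service]
        log.append(Checkout(len(log) + 1, user, issued, replacement))
        self.current[service] = replacement
        return issued, replacement

    def accountable(self, service: str):
        """The most recent requester is answerable until the next checkout."""
        log = self.history[service]
        return log[-1].user if log else None

    def recovery_candidates(self, service: str) -> list:
        """Every password the service may still be set to, newest first,
        for an admin to try when some user did not rotate."""
        issued = [rec.issued for rec in reversed(self.history[service])]
        return [self.current[service]] + issued
```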

Obviously the ideal situation would be to have separate accounts for everyone and everything.

If that's not possible, it seems to me that you should nominate someone as a sort of "password keeper", someone in a position of management maybe. That person can keep track of all the passwords and loan them out to staff that have a need; then, when the staff member has finished, the password keeper can change the password.

That way you have security and accountability: the password keeper knows, if something untoward occurs, who had access to the accounts at the time.

The way to go is, of course, split accounts; usually the accountability part is only money, and part of the method is to allow for different accounts using 'additional' credit cards, with all the cards belonging to one account. This is usually free of charge from banks, and they often allow you to set different credit limits for each account.

Remember though, the way to go for responsibility is to have each user hold the password of their own account so that others do not know it; this allows the best accountability.

There is an online service that does what you need: LastPass. You can create one account and share the master password. Whenever anyone changes your password for an online account, it automagically updates the LastPass system so that the next person to use that site automagically uses the new password.

Depends on how tight you need to be and how much you trust each other. When I worked in an office (almost all devs) it wasn't an issue to me if multiple people knew most of the passwords; what was more important was that everyone was able to get hold of the ones they needed.

To which end we used a networked, shared password database application, specifically Password Manager XP.

You have scope to lock things down more than just on a per-database basis, and realistically it's a question of how much you trust which group. You almost need to come at it from the other end: decide what you need to do, and having decided that, go hunt the tools that will let you achieve what you want.

(Because my office was full of devs we didn't lock much down 'cos I had an expectation that they should be able to walk round any security that didn't require a serious effort to maintain).